Activities of "andmattia"
Answer
Ok, this issue is related to IIS if I call using debug via console it works. now the problem is permission on ANZ I've this permission
ANZ
"Pages.Tenants",
"Pages.Tenants.Create",
"Pages.Tenants.Edit",
"Pages.Tenants.ChangeFeatures",
"Pages.Tenants.Delete",
"Pages.Tenants.Impersonation"
on ABP.IO
"Saas.Tenants"
I try to add a row on ABP db on AbpPermissionGrants (picture below) but now on swagger I get an error "Bad Request, error: invalid_grant"
So now my question is: how can it works? If I add permission on ABP I get an error if I don't add it I'm not authorized. About permission: ABP send permission name to ANZ? It not make sense... or it happen only beacuse I chosse authorization_code...
For us it's important to undestend this point becasue at the moment we have 2 payed subscrption on ANZ & ABP but we cannot bring the max from both.
Answer
Hi
I add https://localhost:44367 to appsetting on ANZ solution AZN
"App": {
"ServerRootAddress": "http://localhost:22742/",
"ClientRootAddress": "http://localhost:4200/",
"CorsOrigins": "http://*.mycompany.com,http://localhost:4200,http://localhost:49152,https://localhost:44333,https://localhost:44367",
"SwaggerEndPoint": "/swagger/v1/swagger.json",
"AllowAnonymousSignalRConnection": "true"
},
ABP.IO
"App": {
"SelfUrl": "https://localhost:44367",
"AngularUrl": "http://localhost:4200",
"MVCPublicUrl": "https://localhost:44306",
"CorsOrigins": "https://*.test2demo.com,http://localhost:4200,http://localhost:22742"
},
but problem still exixts.
So on your side has you test and works? Has you the correct permission to query data on ABP.IO authenticated from ANZ?
Answer
I've send souce code of both solution to info email.
Answer
Hi
I try from 2 new clean solution ANZ (7.1.0) ABP.IO (lastest) but nothing change ANZ say autenthication complete but APB.IO on swagger say "Unable to fatch" and no auth completed. I can share with you.
Answer
How can I share the permission?
My scenario is:
- ANZ solution name test1 with its own permission
- ABP solution name test2 with its own permission (es. blog auth)
When I open swagger on abp.io page tha auth process call ANZ identity and receive a correct token but when i call it from swagger I need to indecate scope the scope name available is test2, because I'm on test2 abp.io app. I look into redis and I see that Volo.Abp.PermissionManamente.PermissionGrant.test2.pn.C.test2_swagger all sub key has isgranted set to false.
My dubt is that test2_swagger has no permission, how can give permission to that user profile?
Answer
HI
You can ignore the error related to CacheRedis I update to 6.2.x version and it disappear, so I'still have permission issue. If you look the log below you can see the problem that "PermissionRequirement: AuditLogging.AuditLogs", I try with other method but I've the same result. So I can suppose that is relate dot Identity configuration (scope and permission)
2022-02-16 12:35:52.173 +01:00 [INF] Request starting HTTP/2 GET https://localhost:44333/api/audit-logging/audit-logs?SkipCount=0&MaxResultCount=10 - -
2022-02-16 12:35:52.175 +01:00 [INF] Executing endpoint 'Volo.Abp.AuditLogging.AuditLogsController.GetListAsync (Volo.Abp.AuditLogging.HttpApi)'
2022-02-16 12:35:52.200 +01:00 [INF] Route matched with {area = "auditLogging", controller = "AuditLogs", action = "GetList", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.Application.Dtos.PagedResultDto`1[Volo.Abp.AuditLogging.AuditLogDto]] GetListAsync(Volo.Abp.AuditLogging.GetAuditLogListDto) on controller Volo.Abp.AuditLogging.AuditLogsController (Volo.Abp.AuditLogging.HttpApi).
2022-02-16 12:35:52.479 +01:00 [DBG] Added 0 entity changes to the current audit log
2022-02-16 12:35:52.627 +01:00 [DBG] Executing HealthCheck collector HostedService.
2022-02-16 12:35:52.628 +01:00 [INF] Start processing HTTP request GET "https://localhost:44333/health-status"
2022-02-16 12:35:52.628 +01:00 [INF] Sending HTTP request GET "https://localhost:44333/health-status"
2022-02-16 12:35:52.639 +01:00 [INF] Request starting HTTP/1.1 GET https://localhost:44333/health-status - -
2022-02-16 12:35:52.641 +01:00 [INF] Executing endpoint 'Health checks'
2022-02-16 12:35:52.647 +01:00 [DBG] Added 0 entity changes to the current audit log
2022-02-16 12:35:52.647 +01:00 [INF] Executed endpoint 'Health checks'
2022-02-16 12:35:52.647 +01:00 [DBG] Added 0 entity changes to the current audit log
2022-02-16 12:35:52.647 +01:00 [INF] Request finished HTTP/1.1 GET https://localhost:44333/health-status - - - 200 - application/json 8.1237ms
2022-02-16 12:35:52.656 +01:00 [INF] Received HTTP response headers after 28.5052ms - 200
2022-02-16 12:35:52.657 +01:00 [INF] End processing HTTP request after 28.6498ms - 200
2022-02-16 12:35:52.657 +01:00 [DBG] HealthReportCollector - health report execution history saved.
2022-02-16 12:35:52.657 +01:00 [DBG] HealthReport history already exists and is in the same state, updating the values.
2022-02-16 12:35:52.657 +01:00 [DBG] HealthReportCollector has completed.
2022-02-16 12:35:52.657 +01:00 [DBG] HealthCheck collector HostedService executed successfully.
2022-02-16 12:35:53.107 +01:00 [INF] Executing action method Volo.Abp.AuditLogging.AuditLogsController.GetListAsync (Volo.Abp.AuditLogging.HttpApi) - Validation state: "Valid"
2022-02-16 12:35:53.384 +01:00 [DBG] PermissionStore.GetCacheItemAsync: pn:U,pk:1,n:AuditLogging.AuditLogs
2022-02-16 12:35:53.388 +01:00 [DBG] Found in the cache: pn:U,pk:1,n:AuditLogging.AuditLogs
2022-02-16 12:35:53.388 +01:00 [DBG] PermissionStore.GetCacheItemAsync: pn:C,pk:clay_Swagger,n:AuditLogging.AuditLogs
2022-02-16 12:35:53.392 +01:00 [DBG] Found in the cache: pn:C,pk:clay_Swagger,n:AuditLogging.AuditLogs
2022-02-16 12:35:53.392 +01:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: AuditLogging.AuditLogs
2022-02-16 12:35:53.428 +01:00 [WRN] ---------- RemoteServiceErrorInfo ----------
{
"code": "Volo.Authorization:010001",
"message": "Authorization failed! Given policy has not granted.",
"details": null,
"data": {},
"validationErrors": null
}
2022-02-16 12:35:53.429 +01:00 [WRN] Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown.
Volo.Abp.Authorization.AbpAuthorizationException: Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown.
at Microsoft.AspNetCore.Authorization.AbpAuthorizationServiceExtensions.CheckAsync(IAuthorizationService authorizationService, AuthorizationPolicy policy)
at Volo.Abp.Authorization.MethodInvocationAuthorizationService.CheckAsync(MethodInvocationAuthorizationContext context)
at Volo.Abp.Authorization.AuthorizationInterceptor.AuthorizeAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Authorization.AuthorizationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
at Volo.Abp.GlobalFeatures.GlobalFeatureInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
at Volo.Abp.Features.FeatureInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
at Volo.Abp.Validation.ValidationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Volo.Abp.AuditLogging.AuditLogsController.GetListAsync(GetAuditLogListDto input)
at lambda_method2577(Closure , Object )
at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeInnerFilterAsync>g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
2022-02-16 12:35:53.429 +01:00 [WRN] Code:Volo.Authorization:010001
2022-02-16 12:35:53.437 +01:00 [INF] AuthenticationScheme: Bearer was forbidden.
2022-02-16 12:35:53.438 +01:00 [INF] Executed action Volo.Abp.AuditLogging.AuditLogsController.GetListAsync (Volo.Abp.AuditLogging.HttpApi) in 1237.7755ms
2022-02-16 12:35:53.438 +01:00 [INF] Executed endpoint 'Volo.Abp.AuditLogging.AuditLogsController.GetListAsync (Volo.Abp.AuditLogging.HttpApi)'
2022-02-16 12:35:53.439 +01:00 [INF] Request finished HTTP/2 GET https://localhost:44333/api/audit-logging/audit-logs?SkipCount=0&MaxResultCount=10 - - - 403 0 - 1265.7960ms
Answer
Hi
from ANZ side the login works fine
INFO 2022-02-14 17:36:23,525 [63 ] pNetCore.Cors.Infrastructure.CorsService - CORS policy execution successful.
WARN 2022-02-14 17:36:23,526 [63 ] entityServer4.Hosting.CorsPolicyProvider - CorsPolicyService did not allow origin: https://localhost:44333
INFO 2022-02-14 17:36:23,530 [63 ] Server4.Hosting.IdentityServerMiddleware - Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
INFO 2022-02-14 17:36:23,944 [63 ] Server4.Validation.TokenRequestValidator - Token request validation success, {
"ClientId": "test_Swagger",
"GrantType": "authorization_code",
"AuthorizationCode": "b5f5b172e7ffec89337f824ea1e0d0500d3d03fb7a7d11770c632fb053f04dc6",
"Raw": {
"grant_type": "authorization_code",
"code": "b5f5b172e7ffec89337f824ea1e0d0500d3d03fb7a7d11770c632fb053f04dc6",
"client_id": "test_Swagger",
"client_secret": "***REDACTED***",
"redirect_uri": "https://localhost:44333/swagger/oauth2-redirect.html"
}
}
I try to call
response
Redis version redis_version:3.0.504
log trace for this call
2022-02-14 17:32:42.344 +01:00 [INF] Request starting HTTP/2 GET https://localhost:44333/api/audit-logging/audit-logs - -
2022-02-14 17:32:42.347 +01:00 [INF] Executing endpoint 'Volo.Abp.AuditLogging.AuditLogsController.GetListAsync (Volo.Abp.AuditLogging.HttpApi)'
2022-02-14 17:32:42.364 +01:00 [INF] Route matched with {area = "auditLogging", controller = "AuditLogs", action = "GetList", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.Application.Dtos.PagedResultDto`1[Volo.Abp.AuditLogging.AuditLogDto]] GetListAsync(Volo.Abp.AuditLogging.GetAuditLogListDto) on controller Volo.Abp.AuditLogging.AuditLogsController (Volo.Abp.AuditLogging.HttpApi).
2022-02-14 17:32:42.634 +01:00 [DBG] Added 0 entity changes to the current audit log
2022-02-14 17:32:42.638 +01:00 [WRN] ERR Error running script (call to f_3915ee22fda531a1d5661f2523d0443fd35ff0a4): @user_script:2: @user_script: 2: Wrong number of args calling Redis command From Lua script
StackExchange.Redis.RedisServerException: ERR Error running script (call to f_3915ee22fda531a1d5661f2523d0443fd35ff0a4): @user_script:2: @user_script: 2: Wrong number of args calling Redis command From Lua script
at Volo.Abp.Caching.StackExchangeRedis.AbpRedisCache.SetManyAsync(IEnumerable`1 items, DistributedCacheEntryOptions options, CancellationToken token)
at Volo.Abp.Caching.DistributedCache`2.<>c__DisplayClass54_0.<<SetManyAsync>g__SetRealCache|0>d.MoveNext()
2022-02-14 17:32:43.702 +01:00 [DBG] Finished setting the cache items. Count: 104
2022-02-14 17:32:43.707 +01:00 [DBG] PermissionStore.GetCacheItemAsync: pn:C,pk:clay_Swagger,n:AuditLogging.AuditLogs
2022-02-14 17:32:43.708 +01:00 [DBG] Not found in the cache: pn:C,pk:clay_Swagger,n:AuditLogging.AuditLogs
2022-02-14 17:32:43.708 +01:00 [DBG] Getting all granted permissions from the repository for this provider name,key: C,clay_Swagger
2022-02-14 17:32:43.710 +01:00 [DBG] Setting the cache items. Count: 104
2022-02-14 17:32:43.725 +01:00 [WRN] ERR Error running script (call to f_3915ee22fda531a1d5661f2523d0443fd35ff0a4): @user_script:2: @user_script: 2: Wrong number of args calling Redis command From Lua script
StackExchange.Redis.RedisServerException: ERR Error running script (call to f_3915ee22fda531a1d5661f2523d0443fd35ff0a4): @user_script:2: @user_script: 2: Wrong number of args calling Redis command From Lua script
at Volo.Abp.Caching.StackExchangeRedis.AbpRedisCache.SetManyAsync(IEnumerable`1 items, DistributedCacheEntryOptions options, CancellationToken token)
at Volo.Abp.Caching.DistributedCache`2.<>c__DisplayClass54_0.<<SetManyAsync>g__SetRealCache|0>d.MoveNext()
2022-02-14 17:32:43.725 +01:00 [DBG] Finished setting the cache items. Count: 104
2022-02-14 17:32:43.728 +01:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: AuditLogging.AuditLogs
2022-02-14 17:32:43.754 +01:00 [WRN] ERR Error running script (call to f_3915ee22fda531a1d5661f2523d0443fd35ff0a4): @user_script:2: @user_script: 2: Wrong number of args calling Redis command From Lua script
StackExchange.Redis.RedisServerException: ERR Error running script (call to f_3915ee22fda531a1d5661f2523d0443fd35ff0a4): @user_script:2: @user_script: 2: Wrong number of args calling Redis command From Lua script
at StackExchange.Redis.ConnectionMultiplexer.ExecuteSyncImpl[T](Message message, ResultProcessor`1 processor, ServerEndPoint server) in /_/src/StackExchange.Redis/ConnectionMultiplexer.cs:line 2817
at StackExchange.Redis.RedisBase.ExecuteSync[T](Message message, ResultProcessor`1 processor, ServerEndPoint server) in /_/src/StackExchange.Redis/RedisBase.cs:line 54
at StackExchange.Redis.RedisDatabase.ScriptEvaluate(String script, RedisKey[] keys, RedisValue[] values, CommandFlags flags) in /_/src/StackExchange.Redis/RedisDatabase.cs:line 1189
at Microsoft.Extensions.Caching.StackExchangeRedis.RedisCache.Set(String key, Byte[] value, DistributedCacheEntryOptions options)
at Volo.Abp.Caching.DistributedCache`2.<>c__DisplayClass50_0.<Set>g__SetRealCache|0()
2022-02-14 17:32:43.757 +01:00 [WRN] ---------- RemoteServiceErrorInfo ----------
{
"code": "Volo.Authorization:010001",
"message": "Authorization failed! Given policy has not granted.",
"details": null,
"data": {},
"validationErrors": null
}
2022-02-14 17:32:43.757 +01:00 [WRN] Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown.
Volo.Abp.Authorization.AbpAuthorizationException: Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown.
at Microsoft.AspNetCore.Authorization.AbpAuthorizationServiceExtensions.CheckAsync(IAuthorizationService authorizationService, AuthorizationPolicy policy)
at Volo.Abp.Authorization.MethodInvocationAuthorizationService.CheckAsync(MethodInvocationAuthorizationContext context)
at Volo.Abp.Authorization.AuthorizationInterceptor.AuthorizeAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Authorization.AuthorizationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
at Volo.Abp.GlobalFeatures.GlobalFeatureInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
at Volo.Abp.Features.FeatureInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
at Volo.Abp.Validation.ValidationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Volo.Abp.AuditLogging.AuditLogsController.GetListAsync(GetAuditLogListDto input)
at lambda_method2556(Closure , Object )
at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeInnerFilterAsync>g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
2022-02-14 17:32:43.757 +01:00 [WRN] Code:Volo.Authorization:010001
2022-02-14 17:32:43.761 +01:00 [INF] AuthenticationScheme: Bearer was forbidden.
2022-02-14 17:32:43.762 +01:00 [INF] Executed action Volo.Abp.AuditLogging.AuditLogsController.GetListAsync (Volo.Abp.AuditLogging.HttpApi) in 1398.681ms
2022-02-14 17:32:43.763 +01:00 [INF] Executed endpoint 'Volo.Abp.AuditLogging.AuditLogsController.GetListAsync (Volo.Abp.AuditLogging.HttpApi)'
2022-02-14 17:32:43.763 +01:00 [INF] Request finished HTTP/2 GET https://localhost:44333/api/audit-logging/audit-logs - - - 403 0 - 1418.9789ms
2022-02-14 17:32:51.404 +01:00 [DBG] Executing HealthCheck collector HostedService.
Answer
I change the JSON config and now it works.
{
"ClientId": "test_Swagger",
"AllowedGrantTypes": [
"authorization_code"
],
"ClientSecrets": [
{
"Value": "1q2w3e*"
}
],
"RedirectUris": [
"https://localhost:44333/swagger/oauth2-redirect.html"
],
"AllowedScopes": [
"default-api", "test"
]
},
But in some case still say 403 not auth. I need to add somenthing on ANZ db or ABP.IO db?
Answer
Hi @ismcagdas
So your suggestion is to create a separete DB for ABP.IO solution and use ANZ for identity but If I've a module (es. CRM) develop on ANZ (in a monolitic solution) I need to separete it on ABP.IO module and I can attach existing database?
About identity on new solution it works fine IS+HttpHOST. So I try to change IS for ABP.IO to ANZ
on appsettings.json Api.Host I've
"AuthServer": {
"Authority": "http://localhost:22742",
"RequireHttpsMetadata": "false",
"SwaggerClientId": "test_Swagger",
"SwaggerClientSecret": "1q2w3e*"
}
On ANZ
"IdentityServer": {
"IsEnabled": "true",
"Authority": "http://localhost:22742/",
"ApiName": "default-api",
"ApiSecret": "secret",
"Clients" : [
{
"ClientId": "test_Swagger",
"AllowedGrantTypes": [
"password"
],
"ClientSecrets": [
{
"Value": "1q2w3e*"
}
],
"AllowedScopes": [
"default-api"
]
}
]
I run both solution and works but if I try to authenticate from Swagger (ABP.IO) I see the correct URL
But it doesn't work. this is the log from ANZ solution
INFO 2022-02-14 16:49:16,147 [112 ] soft.AspNetCore.Hosting.Internal.WebHost - Request starting HTTP/1.1 GET http://localhost:22742/connect/authorize?response_type=code&client_id=test_Swagger&redirect_uri=https%3A%2F%2Flocalhost%3A44333%2Fswagger%2Foauth2-redirect.html&scope=clay&state=TW9uIEZlYiAxNCAyMDIyIDE2OjQ1OjAwIEdNVCswMTAwIChPcmEgc3RhbmRhcmQgZGVsbOKAmUV1cm9wYSBjZW50cmFsZSk%3D
INFO 2022-02-14 16:49:16,154 [112 ] Server4.Hosting.IdentityServerMiddleware - Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize
ERROR 2022-02-14 16:49:16,154 [112 ] er4.Validation.AuthorizeRequestValidator - Invalid redirect_uri: https://localhost:44333/swagger/oauth2-redirect.html
{
"ClientId": "test_Swagger",
"AllowedRedirectUris": [],
"SubjectId": "1",
"RequestedScopes": "",
"Raw": {
"response_type": "code",
"client_id": "test_Swagger",
"redirect_uri": "https://localhost:44333/swagger/oauth2-redirect.html",
"scope": "clay",
"state": "TW9uIEZlYiAxNCAyMDIyIDE2OjQ1OjAwIEdNVCswMTAwIChPcmEgc3RhbmRhcmQgZGVsbOKAmUV1cm9wYSBjZW50cmFsZSk="
}
}
Answer
Ok
In this case I need to start a new database with user and tenants? Or I can share the same database? I see that user ID on ABP.IO is GUID and not INT. On ANZ where I can find a guide/how to to use an external autentication throw APB.IO (or quite similar)?
UPDATE
we use standard document to allow Identity on ANZ ANZ Identity Config
Showing 21 to 30 of 200 entries